[android] - only pin certificates on current used environement. (#6766)

update certificates sha256 for certificate pinning.
author: Tobrun <tobrun.van.nuland@gmail.com> 2016-10-24 22:38:10 +0200
committer: GitHub <noreply@github.com> 2016-10-24 22:38:10 +0200
commit: ed1ceecc0994da19b520b89d4d355528a71be717 (patch)
tree: e2e6884f94c70c2ed0adb67b3879e423218ff8cf
parent: 89ba2f21519a282f3633f605932335c98bf34590 (diff)
download: qtlocation-mapboxgl-ed1ceecc0994da19b520b89d4d355528a71be717.tar.gz
1 files changed, 23 insertions, 21 deletions
diff --git a/platform/android/MapboxGLAndroidSDK/src/main/java/com/mapbox/mapboxsdk/telemetry/MapboxEventManager.java b/platform/android/MapboxGLAndroidSDK/src/main/java/com/mapbox/mapboxsdk/telemetry/MapboxEventManager.java
index 7d22292601..bedb54ca46 100644
--- a/platform/android/MapboxGLAndroidSDK/src/main/java/com/mapbox/mapboxsdk/telemetry/MapboxEventManager.java
+++ b/platform/android/MapboxGLAndroidSDK/src/main/java/com/mapbox/mapboxsdk/telemetry/MapboxEventManager.java
@@ -65,6 +65,7 @@ public class MapboxEventManager {
     private static MapboxEventManager mapboxEventManager = null;
 
     private boolean initialized = false;
+    private boolean stagingEnv;
     private boolean telemetryEnabled;
 
     private final Vector<Hashtable<String, Object>> events = new Vector<>();
@@ -173,12 +174,10 @@ public class MapboxEventManager {
                 stagingAccessToken = prefs.getString(MapboxConstants.MAPBOX_SHARED_PREFERENCE_KEY_TELEMETRY_STAGING_ACCESS_TOKEN, null);
             }
 
-            if (!TextUtils.isEmpty(stagingURL)) {
+            if (!TextUtils.isEmpty(stagingURL) && !TextUtils.isEmpty(stagingAccessToken)) {
                 eventsURL = stagingURL;
-            }
-
-            if (!TextUtils.isEmpty(stagingAccessToken)) {
-                this.accessToken = stagingAccessToken;
+                this.accessToken = accessToken;
+                stagingEnv = true;
             }
 
             // Build User Agent
@@ -715,29 +714,32 @@ public class MapboxEventManager {
                 }
 
                 // Based on http://square.github.io/okhttp/3.x/okhttp/okhttp3/CertificatePinner.html
-                CertificatePinner certificatePinner = new CertificatePinner.Builder()
-                        // Staging - Geotrust
-                        .add("cloudfront-staging.tilestream.net", "sha256/kR9ysyN/lzBl/ecearDERV7qO7xqSN4jt6XuQjIVL0I=")
-                        .add("cloudfront-staging.tilestream.net", "sha256/sPbNCVpVasMJxps3IqFfLTRKkVnRCLrTlZVc5kspqlkw=")
-                        .add("cloudfront-staging.tilestream.net", "sha256/h6801m+z8v3zbgkRHpq6L29Esgfzhj89C1SyUCOQmqU=")
-                        // Prod - Geotrust
-                        .add("events.mapbox.com", "sha256/BhynraKizavqoC5U26qgYuxLZst6pCu9J5stfL6RSYY=")
-                        .add("events.mapbox.com", "sha256/owrR9U9FWDWtrFF+myoRIu75JwU4sJwzvhCNLZoY37g=")
-                        .add("events.mapbox.com", "sha256/SQVGZiOrQXi+kqxcvWWE96HhfydlLVqFr4lQTqI5qqo=")
-                        // Prod - DigiCert
-                        .add("events.mapbox.com", "sha256/Tb0uHZ/KQjWh8N9+CZFLc4zx36LONQ55l6laDi1qtT4=")
-                        .add("events.mapbox.com", "sha256/RRM1dGqnDFsCJXBTHky16vi1obOlCgFFn/yOhI/y+ho=")
-                        .add("events.mapbox.com", "sha256/WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18=")
-                        .build();
+                CertificatePinner.Builder certificatePinnerBuilder = new CertificatePinner.Builder();
+                if(stagingEnv){
+                    // Staging - Geotrust
+                    certificatePinnerBuilder
+                            .add("cloudfront-staging.tilestream.net", "sha256/3euxrJOrEZI15R4104UsiAkDqe007EPyZ6eTL/XxdAY=")
+                            .add("cloudfront-staging.tilestream.net", "sha256/5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=")
+                            .add("cloudfront-staging.tilestream.net", "sha256/r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=");
+                }else{
+                    certificatePinnerBuilder
+                            // Prod - Geotrust
+                            .add("events.mapbox.com", "sha256/BhynraKizavqoC5U26qgYuxLZst6pCu9J5stfL6RSYY=")
+                            .add("events.mapbox.com", "sha256/owrR9U9FWDWtrFF+myoRIu75JwU4sJwzvhCNLZoY37g=")
+                            .add("events.mapbox.com", "sha256/SQVGZiOrQXi+kqxcvWWE96HhfydlLVqFr4lQTqI5qqo=")
+                            // Prod - DigiCert
+                            .add("events.mapbox.com", "sha256/Tb0uHZ/KQjWh8N9+CZFLc4zx36LONQ55l6laDi1qtT4=")
+                            .add("events.mapbox.com", "sha256/RRM1dGqnDFsCJXBTHky16vi1obOlCgFFn/yOhI/y+ho=")
+                            .add("events.mapbox.com", "sha256/WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18=");
+                }
 
                 OkHttpClient client = new OkHttpClient.Builder()
-                        .certificatePinner(certificatePinner)
+                        .certificatePinner(certificatePinnerBuilder.build())
                         .addInterceptor(new GzipRequestInterceptor())
                         .build();
                 RequestBody body = RequestBody.create(JSON, jsonArray.toString());
 
                 String url = eventsURL + "/events/v2?access_token=" + accessToken;
-//                Log.d(TAG, "Events URL = " + url);
 
                 Request request = new Request.Builder()
                         .url(url)
author	Tobrun <tobrun.van.nuland@gmail.com>	2016-10-24 22:38:10 +0200
committer	GitHub <noreply@github.com>	2016-10-24 22:38:10 +0200
commit	ed1ceecc0994da19b520b89d4d355528a71be717 (patch)
tree	e2e6884f94c70c2ed0adb67b3879e423218ff8cf
parent	89ba2f21519a282f3633f605932335c98bf34590 (diff)
download	qtlocation-mapboxgl-ed1ceecc0994da19b520b89d4d355528a71be717.tar.gz